From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56320)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <alevy@redhat.com>) id 1VIaCD-0002Nd-A9
	for qemu-devel@nongnu.org; Sun, 08 Sep 2013 04:18:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <alevy@redhat.com>) id 1VIaC7-0007FI-Es
	for qemu-devel@nongnu.org; Sun, 08 Sep 2013 04:18:13 -0400
Received: from mx3-phx2.redhat.com ([209.132.183.24]:44010)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <alevy@redhat.com>) id 1VIaC7-0007Ci-6m
	for qemu-devel@nongnu.org; Sun, 08 Sep 2013 04:18:07 -0400
Date: Sun, 8 Sep 2013 04:18:00 -0400 (EDT)
From: Alon Levy <alevy@redhat.com>
Message-ID: <2011033693.9766969.1378628280847.JavaMail.root@redhat.com>
In-Reply-To: <1378616919-18169-1-git-send-email-halfline@gmail.com>
References: <1378616919-18169-1-git-send-email-halfline@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 0/2] Try to fix problem with
	emulated	smartcards where invalid PIN succeeds
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Ray Strode <halfline@gmail.com>
Cc: Michael Tokarev <mjt@tls.msk.ru>, qemu-devel@nongnu.org, Robert Relyea <rrelyea@redhat.com>

> I started writing a blog post yesterday about virtualized smartcards here:
> 
> https://blogs.gnome.org/halfline/2013/09/08/another-smartcard-post/
> 
> and while testing what I was writing I noticed an invalid PIN worked when
> it shouldn't have. It turns out that typing a valid PIN once in one program
> in
> the guest, is enough to make all future programs asking for the PIN to
> succeed
> regardless of what gets typed in for the PIN.
> 
> I did some digging through the libcacard code, and noticed it uses the
> NSS PK11_Authenticate function which calls a function that has this comment
> above it:
> 
>     If we're already logged in and this function is called we
>     will still prompt for a password, but we will probably succeed
>     no matter what the password was.
> 
> Also, PK11_Authenticate short-circuits to an early "return SECSuccess" if the
> token
> is already logged in.
> 
> The two patches in this series attempt to correct this problem by calling
> PK11_Logout.
> I'm not 100% certain I've placed the PK11_Logout call in the best place, but
> it does
> seeming to fix the issue.

Hi Ray,

 Thanks for the patches! It looks good to me but I'll defer to Robert,

Alon

> 
> 
>